Arbitrary File Upload Vulnerability in Phoca Downloads for Joomla
CVE-2026-57828
9CRITICAL
What is CVE-2026-57828?
The Phoca Downloads extension for Joomla contains a vulnerability that enables authenticated users to upload arbitrary executable files. This can lead to unauthorized remote code execution on the server, posing severe security risks. Proper security measures and updates are essential to mitigate this issue.
Affected Version(s)
phoca.cz Phoca Download extension for Joomla 1.0-6.1.2
